Friday, December 27, 2024

Cybercrime and FinTechs – Israeli Scam Tourism and the Estonian Challenge to European Regulators and Law Enforcement

Spread financial intelligence

Estonia is a member of the EU. This means that Estonian companies and financial service providers have free access to the EU market in principle. However, like any EU member state, Estonia is also responsible for ensuring that Community directives are implemented and complied with and EU residents are protected. This also and above all applies to the system-critical financial market. However, since about 2018, Estonia has made a sad name for itself as a preferred place for cybercrime and financial fraud. The so-called crypto-licenses for the “regulated” operation of online wallets and online exchanges for digital currencies are used excessively and obviously for scams and online investment fraud.

The booming Estonian license business

Estonian crypto licenses are issued by the local Financial Intelligence Unit (FIU), an independent structural unit of the Estonian Police and Border Guard Board responsible for AML and CFT (read more on the licenses here on Medium).

A Google search for “crypto license” initially brings four advertisements from Estonian providers for crypto licenses. For a few thousand euros, you can get such a license within 30 – 50 days. From specialized companies in Estonia. Instead of a scarce and therefore regulated asset, in Estonia the license to operate a financial business is sold as a commodity. Openly in front of the eyes of the local authorities.

Estonian FinTech Plague

Evidently, an attractive business for lawyers and company builders has developed around these Estonian licenses. They set up the necessary Estonian company for foreign citizens and legal entities for a good fee and also provide the Estonian frontmen. Among the best clients of Estonian professionals are Israeli scammers.

The Israeli Scam Tourists in Estonia

An analysis of investment warnings issued by regulators combined with our whistleblower and victim information shows that around 7 out of 10 of these evil Estonian “OÜ-FinTechs” are operated by Israelis. The legal form of OÜs (Osaühing) are the Estonian version of a private limited company (Ltd) or limited liability company (LLC).

Around the first ban of binary options trading for Israeli residents in March 2016, the perpetrators and their teams started to migrate to European countries in a move that can be called scam tourism:

  • Belgrade, Serbia: Between 2016 and 2018, some 7,000 Israel worked in illegal boiler rooms;
  • Podgorica, Montenegro: dozens of illegal payment processors have been established around the money-laundering hub, Atlas Banka, through lawyers in Belgrade;
  • Sofia, Bulgaria: the favorite scam tourism center in the EU around the money-laundering hub Investbank;
  • Kiev, Ukraine: a nice place to operate development centers with highly qualified and cheap developers and Russian connections;

After the collapse of the Montenegrin Atlas Banka and parallel to the crypto-hype in 2017, the Estonian crypto-licenses have drawn the Israeli attackers to Estonia en masse. Israeli scam tourists have since then focused on Tallinn to set-up their legal entities in the EU. Not to live there, but to exploit the regulatory laissez-faire. Since then, the scam combination of

  • a brand-owning legal entity registered in the Marshall Islands,
  • an illegal boiler room operation on the Balkans (Belgrade, Sarajevo, Tirana)
  • an Estonian scam operator to register as a merchant with payment processors, and
  • an Estonian FinTech as a payment processor

has become particularly popular in the Israeli broker-scam scene.

The Cybercrime Tsunami

Like a tsunami, the Estonian “OÜ” as operators of scams and crypto financial service providers came across the EU. The licensed Estonian FinTechs are increasingly being operated by cybercriminals themselves via local frontmen. They are used to process illegally obtained funds. There seems to be no control by the Estonian financial market supervisory authorities. The naive victims of scams and investment fraud schemes are told that they would make their deposits through licensed financial service providers.

These criminal FinTechs connect with “good” FinTechs across multiple jurisdictional regimes via API, maintain accounts with “good,” and provide their cybercrime customers with the entire portfolio of payment services.

Responsibility and liability of supervisory authorities

Financial market supervisory authorities have a responsibility towards consumers. That’s the essential reason for their existence. For this they can also be legally challenged by the victims of scams, who rely on the authorities to do their supervisory job properly. Tens of thousands of victims of scams in the EU have lost their money via Estonian crypto-financial service providers. This is the responsibility of the Estonian authorities such as the Financial Intelligence Unit (FIU) as the issuers of these licenses.